Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E8F438EF46411EFA6407942762E951A.roa
File: 0E8F438EF46411EFA6407942762E951A.roa (raw, json)
Hash identifier: C6wMzd/1L1cmeLoSvvLaxLhfbhkXoiUu9cGJhVWYU60=
Subject key identifier: F2:66:D8:80:95:77:FB:A2:71:4C:EF:5C:A9:44:0E:4E:86:10:12:46
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01355B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E8F438EF46411EFA6407942762E951A.roa
Signing time: Wed 26 Feb 2025 17:06:45 +0000
ROA not before: Wed 26 Feb 2025 17:06:41 +0000
ROA not after: Sat 19 Feb 2028 17:06:41 +0000
asID: 17561
IP address blocks: 156.233.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79195 (0x1355b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:06:41 2025 GMT
Not After : Feb 19 17:06:41 2028 GMT
Subject: CN=67bf4a25-ec84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fa:90:c4:3a:a0:73:8e:e0:cf:e7:af:40:65:
0a:cd:cf:37:00:be:db:32:25:79:1b:f9:90:d9:08:
f2:50:da:6b:6e:d5:d1:d9:50:69:fb:63:fb:74:2d:
0a:72:30:d9:f8:e3:3c:08:07:54:39:84:10:6a:4e:
fd:36:e5:09:77:33:87:06:1a:0f:7a:62:b4:53:94:
9f:e0:1b:49:57:8c:12:cb:03:96:c0:44:41:36:66:
2f:29:f1:d4:3d:de:16:e7:38:2a:82:c2:39:84:b3:
a9:c1:ed:af:cd:33:7f:33:72:7b:e3:de:98:d9:9b:
bb:92:fb:1c:00:88:73:4f:d1:61:7f:9c:61:a8:20:
a0:75:c9:04:1e:b3:5c:0e:dd:96:35:31:e6:85:10:
09:d9:3d:20:22:de:11:bc:c2:f9:82:20:78:e6:86:
8e:46:65:37:60:38:1f:a0:11:e7:cb:84:d0:cf:5f:
74:35:bf:42:c5:4c:fd:c6:61:76:41:29:df:cb:7a:
78:c9:14:22:85:ec:39:ce:5d:3b:72:35:c3:33:11:
ab:72:ef:7e:0f:d2:6e:67:d6:78:de:17:b6:72:3b:
51:e0:46:92:52:c0:83:42:8e:8f:a6:21:89:54:d2:
b2:92:a5:9f:eb:7e:1f:52:de:fc:f7:68:60:a5:79:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:66:D8:80:95:77:FB:A2:71:4C:EF:5C:A9:44:0E:4E:86:10:12:46
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E8F438EF46411EFA6407942762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.53.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e7:14:96:c3:3d:53:96:d8:7f:e2:c0:a4:58:c8:9a:c9:2c:
ef:c7:14:28:0c:d8:c2:cc:d2:28:0d:27:70:78:04:f2:12:f3:
15:5a:ea:1a:fc:1e:2c:27:5e:ed:63:10:52:18:3e:e2:55:c3:
d0:56:1c:b2:f3:b6:38:67:2e:eb:51:ba:35:05:ad:d5:cb:5d:
e6:50:7b:4b:95:10:f4:cd:5f:2a:55:99:25:e9:5d:49:0e:c5:
36:20:2c:cd:88:cb:ef:4a:8c:b2:0a:86:93:0f:33:09:c0:c3:
20:f7:68:1e:f2:9c:b0:77:7e:ad:4f:07:07:8d:3e:3b:15:a2:
d0:ab:a4:9a:5d:f8:e2:08:17:af:40:38:ec:88:8f:cf:ad:86:
69:03:8d:67:7a:9b:ec:23:9a:30:76:b7:9c:39:18:61:26:8c:
f7:9a:f9:d0:ff:da:54:14:6f:47:79:f4:d5:b9:6f:7a:ff:be:
ac:9f:40:5e:53:95:e2:4c:e9:b6:11:44:e0:6c:1a:7b:06:79:
d8:2e:b0:b2:16:79:e0:e9:31:bb:51:c1:40:37:15:83:23:99:
7a:c2:04:4b:d6:9b:04:43:c9:66:5e:db:eb:0b:d9:2c:c2:16:
f3:c9:7d:d8:25:6b:31:71:a1:78:48:62:28:db:62:a6:e9:15:
03:b4:80:6d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATVbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTcwNjQxWhcNMjgwMjE5MTcwNjQxWjAYMRYw
FAYDVQQDEw02N2JmNGEyNS1lYzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvfqQxDqgc47gz+evQGUKzc83AL7bMiV5G/mQ2QjyUNprbtXR2VBp+2P7
dC0KcjDZ+OM8CAdUOYQQak79NuUJdzOHBhoPemK0U5Sf4BtJV4wSywOWwERBNmYv
KfHUPd4W5zgqgsI5hLOpwe2vzTN/M3J7496Y2Zu7kvscAIhzT9Fhf5xhqCCgdckE
HrNcDt2WNTHmhRAJ2T0gIt4RvML5giB45oaORmU3YDgfoBHny4TQz190Nb9CxUz9
xmF2QSnfy3p4yRQihew5zl07cjXDMxGrcu9+D9JuZ9Z43he2cjtR4EaSUsCDQo6P
piGJVNKykqWf634fUt7892hgpXlCxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPJm
2ICVd/uicUzvXKlEDk6GEBJGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRThGNDM4RUY0NjQxMUVGQTY0MDc5NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk1MA0GCSqGSIb3DQEBCwUA
A4IBAQCM5xSWwz1Tlth/4sCkWMiaySzvxxQoDNjCzNIoDSdweATyEvMVWuoa/B4s
J17tYxBSGD7iVcPQVhyy87Y4Zy7rUbo1Ba3Vy13mUHtLlRD0zV8qVZkl6V1JDsU2
ICzNiMvvSoyyCoaTDzMJwMMg92ge8pywd36tTwcHjT47FaLQq6SaXfjiCBevQDjs
iI/PrYZpA41nepvsI5owdrecORhhJoz3mvnQ/9pUFG9HefTVuW96/76sn0BeU5Xi
TOm2EUTgbBp7BnnYLrCyFnng6TG7UcFANxWDI5l6wgRL1psEQ8lmXtvrC9kswhbz
yX3YJWsxcaF4SGIo22Km6RUDtIBt
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:18 2025 by rpki-client